Definition

content spoofing

Content spoofing is a type of exploit used by a malicious hackers to present a faked or modified Web site to the user as if it were legitimate. The intent is, typically, to defraud victims (as in phishing) although sometimes the purpose is simply to misrepresent an organization or an individual. Content spoofing often exploits an established trust relationship between a computer user and an organization.

The attacker typically leads an Internet user to spoofed content through e-mail, bulletin-board postings and chat-room transmissions. In some cases, an attacker may modify information and links in an established Web site by accessing and altering content on the server. The latter type of content spoofing is more difficult to detect because there is no readily apparent difference to the casual observer.

The most dangerous content spoofing is done with DHTML (dynamic HTML) content sources such as forms and log-in applications. When a Web page with spoofed content is viewed by an Internet user, the location bar displays what appears to be a legitimate URL. However, the attacker has generated or altered by the page. As a result, when the user enters sensitive data (such as a credit card number, password, bank account number, birth date, or Social Security number), the attacker can obtain the data for identity theft or some other fraudulent purpose.

This was last updated in September 2006

Continue Reading About content spoofing

The Web Application Security Consortium describes content spoofing and provides an example of how it is done.

Secunia identifies a content spoofing vulnerability in Windows, and provides links to appropriate patches.

Dig Deeper on Internet Application Security

All
News
Get Started
Evaluate
Manage
Problem Solve

Start the conversation

Send me notifications when other members comment.

-ADS BY GOOGLE

File Extensions and File Formats

A
B
C
D
E
F
G
H
I
J
K
L
M
N
O
P
Q
R
S

T
U
V
W
X
Y
Z
#

Powered by:

SearchMicroservices

Continuous architecture combats dictatorial EA practices

To thrive today, Agile businesses must outgrow the architecture review board and enterprise silos to create an integrated culture...
The key differences between stateless and stateful microservices

Not all services are the same. Learn about the fundamental differences between a stateful and a stateless microservice and the ...
When event-driven messaging is the right choice

Event-driven messaging and API messaging both have their place in application architecture. In this Q&A, a Gartner analyst ...

TheServerSide.com

Help your developers create a better IT security model

Developers need to be comfortable with their tools to create a strong security model in an organization. Don't overlook these ...
Five RESTful web service client examples for developers

Explore your web service client invocation options with these five examples that enable developers to perform this task at any ...
Red Hat replaces Oracle as OpenJDK 8, OpenJDK 11 steward

Red Hat has taken control of two popular versions of the open source Java implementation, so developers can continue to build ...

SearchCloudApplications

Microsoft Azure Dev Spaces, Google Jib target Kubernetes woes

Microsoft Azure and Google Cloud both added cloud application development tools that improve and simplify the process of creating...
With progressive web applications, developers blur the lines

With progressive web applications, single-page apps, motion UI and other innovations, app development meets the moment, giving ...
Web app development morphs as apps and websites merge

The lines between web and mobile app and websites are blurring, so development silos are out, and boning up on building ...

SearchAWS

ShieldX adds lateral movement security for cloud protection

In an effort to prevent lateral movement from cybercriminals within the cloud, ShieldX has added East-West security to its ...
What the AWS and open source spat means for users and enterprises

Explore the concerns at the center of the AWS vs. open source debate and how they play into a larger conflict between the open ...
Azure-to-AWS migration tool aims to lure Microsoft workloads

Customers might appreciate the flexibility of a new AWS tool that pulls in Azure VM workloads but should be mindful of the big ...

SearchBusinessAnalytics

Augmented data analytics overshadows traditional BI process

Automated functionality is being added to BI software to help users find and analyze data. This handbook looks at the benefits ...
Augmented BI tools speed insights with less manual labor

Through AI, machine learning and NLP, augmented analytics reduces the manual labor of traditional BI work to more quickly and ...
Most in-demand data science skills include ML, Python

Experts detail the skills employers want most in data scientists -- notably machine learning and programming languages -- and why...

SearchHRSoftware

Diversity in hiring a key to eradicating AI bias

HR is turning to AI systems to help rank and sort job candidates. But the systems like these are mostly designed by men, who may ...
Technology can aid diversity and inclusion in HCM, with caveats

Vendors are increasingly building AI applications to be bias-free to address concerns around diversity and inclusion. The ...
As baby boomers exit, AR and VR tools help to capture their expertise

Demand for virtual and augmented reality tools is soaring, and the need to capture expertise from retiring baby boomers may be ...

SearchHealthIT

Identify goals to benefit from population health analytics

Population health analytics are becoming increasingly important to the transition to value-based care. CIOs should evaluate ...
Physician burnout eased with homegrown tech

Kaiser Permanente fights fire with fire by developing digital tools to reduce technology-related physician burnout.
InterSystems HealthShare launches Provider Directory

The new Provider Directory in the InterSystems HealthShare system will consolidate all available information on providers and ...

DevOpsAgenda

How to bust security silos and secure your operation

DevOps means velocity, though, not at security's expense. Rapid7's Jen Andre thinks automation and orchestration strategies can ...
The first step from Agile to DevOps is a pilot project

Agile to DevOps isn't as perilous as Waterfall to Agile, but it will take measurable goals and an efficient pilot project to ...
Best practices for DevOps compliance and reusability

You know you want to scale with a model-driven process. So how do you make it work? Start with these best practices for ...

Close